Multiple unpatched Windows holes crop up; Windows systems compromised within minutes in experiment

A recent ‘honeynet’ experiment showed that “unpatched Windows systems continue to be compromised more quickly, sometimes within minutes, the Honeynet Project report stated. Debbie Fry Wilson, director of product management for the security response centre at Microsoft, told ZDNet UK sister site CNET News.com that the company’s latest operating system is more secure than the report suggests,” Robert Lemos reports for CNET News.

“‘While it is not clear which version of Windows was used during the study, we feel that a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market and can withstand attack much longer,’ Wilson said. ‘We are pleased that the report indicates that two Windows-based honeynets in Brazil withstood attack for several months. However, we are not certain that the report provides conclusive data based on a controlled and scientific study comparing the two operating systems,'” Lemos reports. “Every Windows system compromised during the study had its security breached by a worm.” Full article here.

In related news…

“Antivirus company Symantec warned its customers about a number of critical holes in Microsoft’s Windows operating system, that surfaced late Thursday and that could make Windows systems vulnerable to compromise by remote attackers. The problems do not affect Apple’s Mac OS X operating system,” Paul Roberts reports for Macworld UK.

“Symantec acted after security researchers published the details of the heap overflow vulnerabilities in messages posted to online security news groups Thursday. The flaws affect most supported versions of Windows, but Microsoft has not yet issued a patch for the newly disclosed holes. Windows users are vulnerable to Internet based attacks until patches are issued, Symantec said,” Roberts reports. Full article here.

MacDailyNews Take: For our Windows-only friends, more information about smoothly adding a safe, secure, powerful, and fun Mac OS X machine to your computing arsenal can be found here.

Related MacDailyNews articles:
Windows spyware mess is out of control, get a Mac and surf with impunity – December 21, 2004
New Microsoft Internet Explorer exploit spoofs Web sites on fully patched Windows XP systems – December 17, 2004
Microsoft may charge extra for Windows spyware protection software – December 16, 2004
Detroit Free Press: Windows malware problem getting worse, it’s time to get a Mac instead – December 16, 2004
Sick of spyware, adware headaches? Get a Mac and surf the Internet freely – December 13, 2004
Mossberg: Windows PCs plagued with problems, Apple’s Mac is ‘rock solid, elegant and affordable’ – December 09, 2004
Security expert: Don’t use Microsoft Windows, Office, Outlook, Internet Explorer – December 09, 2004
Security test: Windows XP system easily compromised while Apple’s Mac OS X stands safe and secure – November 30, 2004
Sick of spyware, adware infecting your PC? Don’t fret, just get a Mac – November 01, 2004
Microsoft: The safest way to run Windows is on your Mac – October 08, 2004
Spyware plagues Windows users while Mac users surf Net with impunity – November 01, 2004
Ballmer blames Windows users for not upgrading systems as Microsoft’s biggest security problem – October 22, 2004
Windows users line up to pay for spyware removal; Mac users surf Web with impunity – October 18, 2004
Microsoft: The safest way to run Windows is on your Mac – October 08, 2004
Windows users’ security woes spark interest in Apple’s secure Mac OS X – October 06, 2004
Windows desktop monopoly threatened by secure, safe Apple Mac OS X – October 04, 2004
Even Bill Gates can’t avoid Windows malware; Mac users surf the Web freely – October 03, 2004
Cyber-security adviser uses Apple Macintosh to avoid Windows’ security woes – September 27, 2004
Information Security Investigator says switch from Windows to Mac OS X for security – September 24, 2004
Mossberg: Apple iMac G5 ‘powerful, affordable, virus-free with better, more modern OS than Windows XP’ – September 23, 2004
USA Today: people are switching from Windows to Mac because of security issues – September 21, 2004
Windows besieged by hackers; number of Windows viruses soars by more than 400% – September 20, 2004
USA Today columinst angry about Windows viruses, adware, spyware – September 15, 2004
University of Chicago recommends all students patch Windows at least once a day – September 14, 2004
Windows XP worm speaks to users as it deletes their files; Macintosh unaffected – September 13, 2004
Security is top priority in Apple’s Mac OS X – September 12, 2004
Millions of Windows PC’s hijacked by hackers, turned into zombies; Macintosh unaffected – September 08, 2004
Mossberg: Dump your Windows machine and get an Apple Macintosh to free yourself of spyware – August 25, 2004
Tired of patching patches to patch Windows patches? Writer suggests getting a Mac – August 03, 2004
Windows ‘Scob’ virus designed to steal financial data, passwords; Macintosh unaffected – June 26, 2004
Gartner: Worms jack up the total cost of Microsoft Windows – May 07, 2004
Spyware, adware plague Windows users online; Mac OS X users surf freely – April 19, 2004
SmartMoney: Long-suffering Windows users can only dare to dream of Mac’s ease-of-use – February 12, 2004
Mac OS X has no viruses; what’s wrong with Windows? – February 11, 2004
Gates: Windows ‘by far the most secure’ system; tries to use ‘Mac OS X secure through obscurity’ myth – January 27, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Wall Street Journal’s Mossberg on making the switch from Windows to Mac – September 18, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Chicago Sun-Times columnist: Windows ‘many holes in its security’ but ‘none of my Macs have ever been affected – August 26, 2003
Sick of worms and viruses? ‘Move to Mac OS X’ suggests Chicago Tribune columnist – August 25, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003

24 Comments

  1. Every time I read MDN’s smug but helpful link to the apple website for those who use the windows machines, I can’ help but wonder how many windows only users actually come to this site and are the type that would be willing to switch.

  2. What a bummer it would be to get a windoze computer for Christmas:

    http://apnews.excite.com/article/20041225/D876DH602.html

    “Hackers Aim to Sabotage Holiday Computing

    Dec 24, 10:03 PM (ET)

    By RACHEL KONRAD

    SAN JOSE, Calif. (AP) – Hackers, spammers and spies go into overdrive in December and January, when unsuspecting neophytes unwrap new computers, connect to the Internet, and, too often, get hit with viruses, spyware and other nefarious programs.

    “People want to get on the Net right away, just like they want to put together and start using any Christmas present,” said Tony Redmond, chief technology officer of Palo Alto, Calif.-based computer giant Hewlett-Packard Co., whose new PCs ship with 60 days of virus and adware protection. “They should be warned that the Net is a very, very dangerous place.”

    and

    “Some experts wonder whether the computer has become the digital age equivalent of a puppy – an enthralling treasure on Christmas morning, but a sinkhole for time and energy for years after. At very least, computers are far more demanding than the typical holiday toy, which merely requires batteries.

    “At some point, people who receive them for Christmas often ask, ‘Is this computer a gift or a curse?'” Ross said. “

  3. “….and can withstand attack much longer….”

    uhhh … how much longer ??

    “….Every Windows system compromised during the study had its security breached by a worm..”

    uhhh…. until the next “worm du jour” happens along !! … (obviously)

    The thing that irritates me the most…. are the latest commercials for ISPs …. (AO-hell… Net-Zero … Netscape… et al.) … all promising
    the usual,…. spam-blockers, anti spyware… and COMPUTER virus protection…

    Isnt it time to call a spade… a spade ??

    Whenever you hear someone refer to it as a “computer” virus… politely correct them… and tell them,

    “Its not just a “computer” virus…. its a WinDoze virus… because…the only type of machine these viruses affect… are those which run WinDoze… !!

    Change their thinking on this one topic, and you may get them to begin to …..”Think Differently” ….

  4. “a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market”

    bwaaahaaahaaa – that is hysterical! Her statement had to be issued via a PR release because no one could have possibly said that and kept a straight face. Unless by “resilient” she means you can keep installing and reinstalling over and over and over.

  5. You might say, hey, that’s not fair, it’s an “unpatched Windows system!”

    Unwrap a Mac Christmas morning and plug IT in umpatched to the internet (as a LOT of Mac & Windows users will be doing this morning) and see what happens.
    True plug-n-play!

    Merry Christmas guys! (oh, and MacBeth too!)

  6. from article:
    we feel that a Windows XP SP2 configuration with the Windows firewall enabled is the most resilient client operating system available in the market

    What a load of rat turds. Mac OS X is clearly, definably, and demonstrably safer than any Windows system, including Win XP SP2. It may be more difficult for XP2 to get certain internet worms, but it’s still susceptible to loads of viruses, trojan horses, and what about spyware, adware, bloatware and all manner of so called “crapware” along with problems with pop-up windows, etc, etc…

    Sitting untouched in a controlled lab experiment is a far cry from actual use by a human being which can add a variety of additional security concerns.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.